在Heroku上通過omniauth登錄的Facebook無法正常工作

Question

我通過Rails構建了一個具有Facebook登錄功能的應用程序，該應用程序可以在localhost上完美運行，但是現在在Heroku上無法運行。 看來每個人都會遇到一個常見問題，但過去的問題或其他文章都沒有幫助。

錯誤圖片

上面的鏈接轉到錯誤圖像。 它應該來自Heroku，但來自Facebook，因為我在處理Stripe時遇到了相同的錯誤。 在此錯誤開始困擾我之前，Facebook出現了另一個錯誤，提示“ Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings. Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings. 但是可以通過將Heroku網址添加到Facebook應用頁面來解決。

我做了figaro heroku:set -e production所以應用程序密鑰和機密信息已在Heroku中設置。

這是我文件中的一些代碼；

config / initializers / devise.rb

config.omniauth :facebook, ENV["facebook_app_id"], ENV["facebook_app_secret"], scope: 'email', info_fields: 'email,name', secure_image_url: true

app / models / user.rb

def self.from_omniauth(auth)
  where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
    user.email = auth.info.email
    user.password = Devise.friendly_token[0,20]
    user.name = auth.info.name   # assuming the user model has a name
    user.image = "http://graph.facebook.com/#{auth.uid}/picture?type=large" # assuming the user model has an image
    # If you are using confirmable and the provider(s) you use validate emails,
    # uncomment the line below to skip the confirmation emails.
    # user.skip_confirmation!
  end
end

控制器/用戶/omniauth_callback_controller.rb

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def facebook
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    @user = User.from_omniauth(request.env["omniauth.auth"])

    if @user.persisted?
      sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
      set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
    else
      session["devise.facebook_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end

  def failure
    redirect_to root_path
  end
end

heroku日志

2017-07-17T15:33:54.234171+00:00 app[web.1]: Started GET "/users/auth/facebook/callback?code=AQCoKbzr4 ///// 00703" for 150.116.22.144 at 2017-07-17 15:33:54 +0000
2017-07-17T15:33:54.236011+00:00 app[web.1]: I, [2017-07-17T15:33:54.235951 #4]  INFO -- omniauth: (facebook) Callback phase initiated.
2017-07-17T15:33:54.360053+00:00 app[web.1]: Processing by Users::OmniauthCallbacksController#facebook as HTML
2017-07-17T15:33:54.360097+00:00 app[web.1]:   Parameters: {"code"=>"AQCoKbzr4nv6c7BEpM ///// 86c27a00703"}
2017-07-17T15:33:54.371557+00:00 app[web.1]:   User Load (1.8ms)  SELECT  "users".* FROM "users" WHERE "users"."provider" = $1 AND "users"."uid" = $2  ORDER BY "users"."id" ASC LIMIT 1  [["provider", "facebook"], ["uid", "102081518247"]]
2017-07-17T15:33:54.581790+00:00 heroku[router]: at=info method=GET path="/users/auth/facebook/callback?code=AQCoK ///// a00703" host=xxxxxxx-xxxx-xxxxx.herokuapp.com request_id=93945-1199-417e-8d98-ede264cb fwd="150.116.22.144" dyno=web.1 connect=1ms service=350ms status=500 bytes=1754 protocol=https
2017-07-17T15:33:54.578410+00:00 app[web.1]: Completed 500 Internal Server Error in 218ms (ActiveRecord: 3.0ms)
2017-07-17T15:33:54.579175+00:00 app[web.1]: 
2017-07-17T15:33:54.579178+00:00 app[web.1]: RuntimeError (redirection forbidden: http://graph.facebook.com/102087018247/picture?type=large -> https://scontent.xx.fbcdn.net/v/t1.0-1/p200x200/13064_10202475740292_410664266178542_n.jpg?oh=ef118e9d947604c9c7055a92e2&oe=5A02F8B4):
2017-07-17T15:33:54.579178+00:00 app[web.1]:   app/models/user.rb:18:in `block in from_omniauth'
2017-07-17T15:33:54.579179+00:00 app[web.1]:   app/models/user.rb:14:in `from_omniauth'
2017-07-17T15:33:54.579180+00:00 app[web.1]:   app/controllers/users/omniauth_callbacks_controller.rb:4:in `facebook'
2017-07-17T15:33:54.579180+00:00 app[web.1]: 
2017-07-17T15:33:54.579181+00:00 app[web.1]:

我不知道Heroku日志中的RuntimeError表示什么...任何線索或建議，將不勝感激。

Answer 1

m確保已在Facebook Developers Console中將生產應用程序域列入白名單。

我通常會從默認應用程序中設置一個子測試應用程序，該測試應用程序具有其自己的密鑰，並為它們設置ENV，並且localhost被列入白名單。 這樣開發更容易

然后在您的應用程序和Heroku中為生產應用程序設置ENV，並將Heroku域列入白名單。 確保您的回調包含Heroku生產域，與您列入白名單的域匹配

然后在推送到Heroku后遷移Heroku數據庫（這對我來說通常很有效）

heroku run rake db:migrate

順便說一句，您訪問圖像的方式與我的操作方式不同。

user.remote_avatar_url = auth.info.image 

如果這不起作用，請告訴我，我當時在Heroku上設置了一些Facebook登錄名。

Answer 2

您收到重定向錯誤，因為圖片網址會將用戶重定向到另一個網址。 並且將http重定向到https時在open-uri中存在限制。

在錯誤消息中，您可以看到以下URL： http://graph.facebook.com/102087018247/picture?type=large : http://graph.facebook.com/102087018247/picture?type=large type= http://graph.facebook.com/102087018247/picture?type=large將被重定向到https://scontent.xx.fbcdn.net/v/t1.0-1/p200x200/13064_10202475740292_410664266178542_n.jpg?oh=ef118e9d947604c9c7055a92e2&oe=5A02F8B4

您可以通過在圖片網址中將HTTP替換為https來解決此問題

"https://graph.facebook.com/#{auth.uid}/picture?type=large"

或使用這種方式：

user.remote_image_url = auth.info.image.gsub(/\Ahttp:/, "https")